Posted
by
Soulskill
on Friday January 17, 2014 @06:24PM
from the brought-to-you-by-giant-blinking-eyesores dept.

An anonymous reader writes "This article discusses the ethics and the mechanics of ad-blocking software. Toward the end, it goes into some of the tech that's been built to circumvent ad blockers. Quoting: 'PageFair offers a free JavaScript program that, when inserted into a Web page, monitors ad blocking activity. CEO Sean Blanchfield says he developed the monitoring tool after he noticed a problem on his own multiplayer gaming site. PageFair collects statistics on ad blocking activity, identifies which users are blocking ads and can display an appeal to users to add the publisher's website to their ad-blocking tool's personal whitelist. But Blanchfield acknowledges that the user appeal approach hasn't been very effective. ClarityRay takes a more active role. Like PageFair, it provides a tool that lets publishers monitor blocking activity to show them that they have a problem — and then sells them a remedy. ClarityRay offers a service that CEO Ido Yablonka says fools ad blockers into allowing ads through. "Ad blockers try to make a distinction between content elements and advertorial elements. We make that distinction impossible," he says.' Is this arms race winnable? By which side?"

...and suddenly the pages stop working altogether. It is trivial to make a page that is empty and use JavaScript to load the contents of the page. If these guys resort to AdBlock-detectors, why do you think they would allow NoScript to circumvent that?

JavaScript performance on mobile is terrible - like 10x slower than desktop. If you make your website dependent on javascript, prepare to lose a lot of mobile customers who won't have the patience to wait it out.

What I want to know is this....are the website operators going to take responsibility and pay for the damages the malware carried in their precious ads cause? No? Then please DIAF you greedy little self centered shits, your "business model" is a blight upon the planet and needs to die!

Do you guys have ANY idea what happens when you take the average Windows PC and block 100% of the ads? Or block them on an *Android phone or tablet? Honestly you might as well not even have AV as its never gonna get anything to attack, infections drop right of the map. Leave their precious POS business model intact? Say hello to a PC that has more nasties than a Bangkok Whore on Sunday morning after shore leave as infected ads are the #1 source for zero days, drive bys, and social engineering and these greedy little piggies want the profits but they want to take ZERO responsibility for the messes their profits make.

So sincerely, from the bottom of my heart...go fuck yourselves website owners. Do you guys have any idea how fucking TRIVIAL it is to make ads that waltz right pass the ad blockers? 1.- Make ads first party (so they have to actually wake the fuck up and see what they are shoveling), 2.- Make them text or basic images like JPG or GIF (but then they couldn't hijack your speakers and blow your ears off, what fun is that?) and NO FLASH ADS because flash zero days are one of the biggest attack vectors out there (but then they couldn't get "teh big bux" for having the most annoying Goatse of ads spewed on their pages)

So do what old Hairy does, when a site "appeals to turn off your blocker" I head straight to their forums and ask them right out "Are you gonna take financial responsibility when one of your ads infects one of my customers?" and then point out how trivial it is to bypass the blockers with non-threatening content. You'd be surprised how many people don't know that those pieces of malware they "just keep getting somehow" are coming from assholes like in TFA and spreading the word is required to bring this to a head. They are making profits from a risky business, they should have to assume the downsides as well as the profits and clean up their own messes.

*.-The Googleits can piss and moan like the Cult of Jobs how "But but but...those don't count!" but from my seat at the shop the #1 source of Android malware? Social engineering, tricking the user into installing that.APK from an unknown source and taking control of the system...where are they seeing the social engineering instructions that take them to the website and show them how to bypass the appstore? The same place Windows users are getting social engineering, through ads.

Make them text or basic images like JPG or GIF (but then they couldn't hijack your speakers and blow your ears off, what fun is that?) and NO FLASH ADS because flash zero days are one of the biggest attack vectors out there

I agree, as does the featured article: "In addition, users who dislike the distraction of Flash-based advertising can install browser add-ons that just block Flash content, such as Flashblock for Firefox and Chrome." Flashblock for Firefox is the middle ground that I've been choosing for years. And before that became available, I had a practice of hosts-blocking any ad server that served SWF on a site. Slashdot was surprisingly one of the first sites I saw that showed an SWF ad for Splunk log analysis software, and whatever server was serving it was the first to get 0.0.0.0'd in my hosts file.

(but then they couldn't get "teh big bux" for having the most annoying Goatse of ads spewed on their pages)

Yeah, the article quotes the VP of some web advertising consulting firm who whines that static ads have an unviably low CPM. Boo hoo.

They ALL have low CPM. And the more obnoxious and intrusive the ad, the more you're pushing people to ad blockers. (or simply abandoning your site) With the ever increasing greed from ISPs in the form of bandwidth limits and heavy overage fees, **I** don't want to be paying the per-byte costs of completely USELESS content. Go use the internet over dialup for just an hour and tell me how much you like all the bull**** ads, or the overabundance of enormous javascript libraries.

I don't have a problem with javascript, as I do make stuff with it. Done right, you don't have as much impact on the bandwidth as you think. If you have megs of javascript libraries being referenced from external CDN's, you're doing it wrong.

It's going to go down that road anyways till the end. Web browsers have ceased being about document markup and rendering, which is how it started, to running external code in complicated sand boxes. You can't put that genie back in the bottle.

The issue is being able to trust that javascript, which is really about trusting the sandboxes to not allow malicious code to be run. Tracking is a problem of course, but that is mitigated by blocking software that stops those specific scripts and domains from working. Once a Big Data company like that gets big enough, they'll just get shut down by the blockers, which is a very good thing. It protects our privacy as well as our computers.

If you don't want javascript and external code libraries you're only other option is to have a single universal API developed that ALL browsers adhere strictly to. Blocking tracking software is simple as a permissions setting at that point to not listen to any tracking tags or events set up in the page. AJAX type events would need to be classified accordingly and secured. An event going toward a different domain than the page? Blocked by permissions. Image not from the domain? Don't even download it based on permissions. CDN's should be registered in the browser as an alternative for any file that needs to be downloaded for a "page".

Above all, that API should have plentiful RBL's that outright disable all external calls. We want accountability? How about within an hour of malware being downloaded those RBL's are proactive like some email services and browsers start blocking that particular site or CDN automatically? That would make propagation of malware a real bitch in production. Not to mention if you are a big outfit and that happens people will start getting fired till it's fixed. I've been in a major company that got their email shut down by Cisco IronPort (Over half the vendors they dealt with were rejecting mail). Some yahoo in the data center thought it would be cool to run his own little server which got hacked and delivered out 9 tons of spam that shut down corporate email for 4 days till IronPort finally cleared it up.

Can you even imagine what would happen if one of those RBL systems blocked Yahoo by default a week or two ago? Shit storm indeed, but a needed one.

We don't have any of that.

What we *do* have is a clusterfuck of technology that developed from an interesting idea to effectively share a word processing screen at universities that is fundamentally toxic to us. We spend billions cleaning it, defending it, and developing it, etc.

It just needs to be scrapped and start over.

So no, blocking javascript is not the answer either. Unless you want to be left behind with non-working pages because people like me are getting really tired of needing to expend those resources for graceful failure. We don't have the time or the money to do that anymore (not in this economy) and javascript and JQuery (along with the other JS frameworks) are here to stay. So many of the "shiny" features out there only work in an event based framework where I can modify the DOM without reloading the entire page.

The whole mess is just terrible and we keep refactoring code to old email and document markup systems without addressing the underlying issues at all.

The root issue is people are stupid and lazy. If your 250k of JS actually does things, that's one thing. When you include (an uncompressed) version of JQuery to use one tiny function (that you don't JQuery to actually do), or worse don't use any part of it, you're wasting everyone's time and bandwidth.

Every time I research how to do something in a browser, every. single. fucking. time. The top 90 out of 100 answers is to load some enormous bloated framework widget toolkit and kitchen sink replicator. for what has, in every case so far, boiled down to 1-2k of formatted, human readable JS. Apparently, I'm the only motherf***er in the universe that cares if his web page is 3k vs 300k, in 1 file vs. dozens.

There is an argument that a small site with low visitor counts can get away with a 1 meg download that is cached afterwards anyways. That being said, I think anyone that claims they are anything greater than a novice must use scaleable web design practices. Meaning, that you have to justify every single 1k of data being returned by the web server.

The problem you reference are what I call the web hobbyists. Web developers are plagued with the hobbyists to the extent that people by default think they are fucking morons.

I'm being nice, but there are so many people out there selling their development services that don't even understand PHP or JS and can only follow instructions on some page to get a Wordpress plugin to work. These are the people operating at such a high level of abstraction that they have no idea how a web browser actually works at all. I'm no expert and even I understand headers and the general theory behind rendering and running client side code.

Trial and error by shoving JS on a page and hoping for the best is quite normal unfortunately.

I actually had somebody give me a page back that they had worked on, (which looked very good), and required some JS to dynamically do something (don't remember). They literally copied and pasted the JS from some blog page and gave it to me as a finished product. Never bothered changing the ID, let alone creating a class, and let the code run trying to attach events to non-existing page elements. The library was not even included.

That person probably represents the norm for the armchair web hobbyist that would be unemployed if it was not for Wordpress.

What we *do* have is a clusterfuck of technology that developed from an interesting idea to effectively share a word processing screen at universities that is fundamentally toxic to us.

no. the toxicity comes from the advertising and the insistence on javascript (and flash and java etc applets).

just displaying documents is harmless. it's the fact that web-dev fuckers (and worse, "designers") want to run arbitrary code on millions of computers belonging to other people that is the source of the harm.

So many of the "shiny" features out there only work in an event based framework where I can modify the DOM without reloading the entire page.

you're making the mistake of assuming those "shiny" features are essential. they're not. in fact, more often than not, they're a PITA and end up being a reason not to return to the site.

if a web site or even just a web page doesn't work without javascript, then it is broken. js can be useful to *optionally* enhance a page, but the page should work (i.e. display the important information and navigation controls) without javascript.

BTW:

CDN's should be registered in the browser as an alternative for any file that needs to be downloaded for a "page".

so CDNs become a back door for malware because they're all whitelisted/trusted. what's the point of managing permissions for a site if that site can just bypass restrictions by uploading their scripts and malware to a popular CDN?

doing that would also allow CDNs to spy on users as they browse from site to site, linking accounts and IDs and activities - same as ad networks now (which is yet another reason to run adblock).

if ads were just static graphics without any animation and without spyware/tracking and without javascript then most people wouldn't give a shit about ads and wouldn't bother blocking them (it was animated GIFs that motivated me to write my first ad blocker in the mid 90s...the text and static GIFs that were common before then didn't annoy me enough to be worth the bother of eliminating)

Seriously, though. That is exactly why I installed an ad-blocker. I specifically allow sites I visit in order to live up to that philosophy, but I have yet to see a single site since 1999 that hosts 100% of its own advertising. I actually enjoy seeing in house ads for exactly this reason, even if the site reviews the product it is advertising, because it shows that they give a care about their users/readers.

There are sites I would happily support by whitelisting them in adblock, but I've seen their ad companies send infectious shit and other problematic ads down the pipe. And when it happens they block it and apologize, but that doesn't prevent anything from happening first.

And even ads supplied by Yahoo and Google aren't immune. Those are the two most reputable ad suppliers, and both have been known to occasionally shove out malware-laden ads. Until I can get a 100% guarantee against ad-based malware, AdBlock+ stays running.

infected ads are the #1 source for zero days, drive bys, and social engineering

Make them text or basic images like JPG or GIF (but then they couldn't hijack your speakers and blow your ears off, what fun is that?) and NO FLASH ADS because flash zero days are one of the biggest attack vectors out there

This!!

I don't block ads because of some desire to screw website operators out of revenue, or because I think I'm somehow entitled to get everything for nothing - I block them because many of them (especially the flash ones!) are intrusive, disruptive, annoying, and vectors for malware infestation, and because I don't care for having my every activity tracked by Big Data ad networks.

If a website uses unobtrusive, relevant, self-hosted, static ads, I have no issue whatsoever with displaying them (and even -

Why do so many mobile sites popup a dialog which is mostly off the right of the screen, and where, when you zoom in to try and find where they've hidden the non-standard, non-intuitive 'close' icon, it moves further offscreen? How am I supposed to remove the popup (which is covering a lot of the content, and making the screen dark to 'highlight' its importance)? 2014 - it's hard to deal with small screens? How? How is it hard? How did you get a job writing websites when they're so fucking sucky?

I absolutely hate that shit, you go to a site and it renders, then goes dark because some fucking scrip takes over and tries to force some card on me or some shit. Fuck them. Big time. I see that shit, I'm outta there. Period.

the correct way to render a page is however the user wants it rendered at that moment in time. this may vary based on the device they're using, the time of day, how tired their eyes are, arbitrary whim, and thousands of other factors - almost none of which can be anticipated or predicted by you.

amongst other things, that means web sites should emit just plain xhtml with simple css and don't do any fucking with the DOM with javascript. if the client's renderer is broken, then it's their problem, not yours. don't try to fix it or work around it with js or stupid hacks - it's just fucking broken and will never get fixed as long as people like you keep making work-arounds.

and nobody ever wants a mobile app. no user does, anyway. it's arsehole companies and marketing vermin who want users to be running their own special purpose spyware app rather than just visit a web site.

You want to tilt at windmills regarding the DOM and javascript. You can't do the operations people want today with plain xhtml and style sheets. Not to mention, I would need to do device detection to decide on WHAT style sheet to deliver.

You're idea is to deliver what amounts to a PDF and absolve yourself of all responsibility for the rendering. Great. Unrealistic, but great.

Don't group me with those "people". I'm not making stupid hacks and I'm just as tired as you are about all the bullshit just to get something done. Javascript is the only way to do it, and you are conflating the problems of style sheets and rending with JS. No, not always. In fact, not even that often if you are doing JS correctly.

I'm not interested in making JS do everything on the page. A simple event to change the background color to create a menu is not something that should ever break the rendering of the page. By the same token, an AJAX call tied to a click event is not going to break the rendering either. It can even HELP. You don't have to download an entirely new page. Just modify the DOM with the result that came back.

The mobile app is the only sane response I have at the moment to the nightmare that is trying to get CSS rendering correctly on mobile devices, as well as every other freaking device they buy.

I don't want them visiting my website with a mobile browser since the chances of bullshit problems with rendering or malware is just too damn high.

A mobile app solves all the problems you speak about. I can finally, and reliably, control the user experience on their device.

You're right about the marketing vermin, but I'm NOT a marketing vermin. I just want users to be able to perform those operations they want without dealing with the hell that is mobile web browsing.

Be honest. Do you really want mobile web browsing when it sucks, the programs themselves are not standard, and the user experience is so different?

Having a native app written to do exactly what you want would always seem to be the preferred method. At least with the case of PhoneGap I get an IOS and Android App with one single platform.

I think that's easier than coding a separate mobile site for the platform.....

AND... if you are really so damn good that you can do all of what you are saying with just a document and a style sheet.. then teach us master. Show us the way through the valley of darkness to the fields of wheat and honey.

GP wants the exact opposite of a PDF. He is advocating for flexible design, not a rigid set of layouts. Trying to create a rigid page structure is exactly what causes problems. Stop micro-managing everything and start making your page simple.
You talk about "what people want". I assume you mean what clients want, because consumers don't care about frilly menus. They want a fast loading website with buttons where buttons always go and content in stardard format.
The people paying for the website think all of the bling is good, and it is your duty as the expert to try to explain why simple is better. Some clients will not listen, but that's their loss when their page only works on IE9 on 1600x900 screens.

It's likewise trivial to avoid shitty sites that go far out of their way to degrade the user experience, and thanks to the internet's intrinsic nature there's nothing unique on an ad-monger's site that can't be found elsewhere. NoScript helps to build that list of shitty sites. Let the parasites starve FFS.

...and suddenly the pages stop working altogether. It is trivial to make a page that is empty and use JavaScript to load the contents of the page. If these guys resort to AdBlock-detectors, why do you think they would allow NoScript to circumvent that?

Do we care?After all if they spend all this time trying to defeat Adblock and No-script they probably don't really have much to offer anyway.If they just tone down the amount of ads people would go to these lengths to get rid of them.

I care about security and safety. Also as a side effect, I get often get better performance. I don't care about "sticking it to the man". I am just trying to prevent the man from infecting me when he tries to "stick it in me".

The crap on some pages is just beyond belief. A pile of crud turning a 2014 broadband connection into a 1994 dialup connection.

Not to mention the viruses and malware that have been served up by some advertising networks, which has appeared on major sites. I noticed that TFA didn't mention that adblockers can protect users from malware.

But in 2014 we have email, Slashdot, and sites that process logic and require dynamic page generation and logic which javascript is used. It is not a simple hypertext viewer and you are clueless to say anything else otherwise as appear a luddite.

/. works just fine for me with javascript disabled.That's what Classic Mode is for. I even prefer it.

If disliking highly dynamic websites makes me a luddite, then I will proudly bear that distinction.

If a human can view the content and work out where the ads are, so (ultimately) can a computer - the obvious fix for now is that Greasemonkey can be used to sort those out.

I'd also add though, this may well be heavily counter-productive for many sites. There is very little truly unique content out there in reality - and as a consequence it is worth far less to the marginal user than the site owners often think it is. Some of the sites which lose viewers because of this may simply say "good riddance" as those users are a net drain on resources - but that's a dangerous path to take as those people are, I would imagine, more likely to be either influential opinion-formers (who drive much more traffic to the site who won't block ads), or providing user-generated content which has value in itself.

Some of the sites which lose viewers because of this may simply say "good riddance" as those users are a net drain on resources -

I'm quite sure that's how they'll see it.

but that's a dangerous path to take as those people are, I would imagine, more likely to be either influential opinion-formers

A lot of geeks like to think they're influential opinion-formers. Most of them are far less influential than they imagine, and the guys running web sites know this for a fact because they have actual statistics from exactly the kinds ad-blocker-aware tools we're discussing here.

Then YOU get to ask YOURSELF whether YOU want to take the risk of running THEIR scripts on YOUR system in order to read/watch THEIR content.

Individual preferences will, of course, vary. But I've found that the sites that run scripts usually don't have much content worth my time.

As for ads... if they weren't so abused in the first place (pop-ups, pop-unders, flashing, auto-run-sound, slowing-down-the-entire-page, redirect-on-close, etc) then there wouldn't be such a large movement to block them.

Ads today are not as much about selling a product as tracking where you go and what you click on. The products advertised bear no relationship to the site I've visited.

Then YOU get to ask YOURSELF whether YOU want to take the risk of running THEIR scripts on YOUR system in order to read/watch THEIR content.

Of course Javascript is limited to accessing THEIR content. Anything else on YOUR system is out of reach of Javascript.

But I've found that the sites that run scripts usually don't have much content worth my time.

Then you aren't using much in the way of Web 2.0 sites. Most of the interactive web-sites since Google Maps are unavailable to you. Hope you like the 1990s.

I'm all for blocking ads. But disabling Javascript altogether is throwing out the baby with the bath water.

The point of NoScript is not do disable Javascript alltogether. The standard browser settings include a checkbox to disable Javascript entirely for all sites. That isn't what the add-on NoScript is for. NoScript is there to selectively disable the scripts that you decide are unnecessary.

I wish people who actively choose to comment on a thing would take a moment to acquire the most basic familiarity with that thing. It would lead to far fewer redundant posts and far fewer posters who are convinced they've pointed out the "obvious flaw" that no one else was smart enough to ever think of...

the problem is that we are seeing an increase in sites that will pop up with a separate page and wont let you see ANY content until you stop using an adblocker. luckily those are mostly used on bad sites, but if they ever become popular it will be a problem.

The hilarious thing about many of those sites is that the "block" is just a layer in front of the actual content. Firefox's built-in "inspect element" is usually enough to remove it and get to the content.

Then, I will fetch a fucking _book_, find the information by myself, and share it online, as everyone has been doing since the dawn of internet. Shit, it's true that using the internet makes people less inteligent.

Not necessarily. That's more true for users who think the Internet (I assume you mean the Web) is for passive consumption of corporate-owned one-to-many content, like television. Other users appreciate that it's a two-way many-to-many communications medium and take a much more proactive stance on how it should be used. If anything, those users are sharpening their skills and their ability to think and reason. They tend also to realize that their systems retrieve only the information they are configured

Bah, they'll just wrap the content in JavaScript. Wanna use NoScript? Fine, then you don't get to access the content.

Works for me.

No, really, it does - for the websites that I absolutely have to access no matter what, I've already whitelisted them. For everything else, I couldn't care less.

So far, those sites which spew the most adverts (minus the blockers) are the ones I really don't give a damn about.

If I connect, no problem, and I will determine how much of my attention that I give to their ads by whitelisting (if the site is IMHO worthy enough to go back to more than a couple of times, I whitelist them and help them out a bit, unless the ads are uber-intrusive.)

If I don't connect, no problem, I'll go somewhere else and likely not even bother revisiting except by accident.

If you take the view that the purpose of the website is to promote the company, and the purpose of the Ad is to, err, advertise (either the company, one of their services, or an affiliate), then the Adblock arms race will probably be ultimately won by that company's competitors:

That is fine for a site that exists to sell products or a service, and indeed in many of those cases you will find no or very limited ad presence.

The problem comes about when the site exists to sell advertising, with the content on the site being the hook to get people to the site to see the ads. This is the model for most every news site, even news for nerds. Paywalls have not gone over well in the market, and everybody wants content to be free, but the reality is that these sites have to pay the bills somehow.

And yet, here we are almost 20 years into the web and stuff is still largely free.

Personally, I think ad blockers must not be much of a problem or sites would be serving up the ads from their own domain. Right now they are trivial to block - most ads can be killed with a simple hosts file.

Customers are frequently wrong, and sometimes their actions are outright hostile.

Up to a certain point, it can be beneficial to overlook that in order to maintain good relations. The long term benefits may be worth taking a short term hit.

Beyond that point, the correct response is to dump that customer as quickly and cheaply as you can manage. Ideally, you at least do it with no hard feelings, but sometimes even telling them bluntly to shove it is justified.

This is my biggest my biggest issue with most of the ads on the internet. When it comes to sites that are proactive and actually have an approval process for ads and wrap them up in their own delivery system to avoid spreading malware to their customers, I let the ads through. Sites that take a reactive stance towards possible malware (or no action at all) and basically just spew whatever crap the third party advertiser gave them unfiltered get blocked.

The way I see it is if you don't care whether or not you're spreading malware you don't deserve ad revenue. Hell, you don't deserve any business from me at all.

Because, let's face it... once the ad-block guys figure out how the advertisers are figuring out they are being blocked, they'll block it another way and then another way... until one side builds an a-bomb so big that the world is afraid the Internet will split in two if detonated.

That was a metaphor; no one nuke the advertisers, please. Or at least give me a few days notice so I can get to a safe distance.

until one side builds an a-bomb so big that the world is afraid the Internet will split in two if detonated.

Yes, it's called legislation. Apple. Google, and the other multi-billion dollar ad servers will eventually go to congress to try to find a legislative way to make sure you watch advertisements if everyone stops viewing ads via whatever means. Just convince some idiot Senator who thinks the internet is made of tubes that advertisement and java blockers threaten security and the American way. I would argue this is a long shot, but not incomprehensible. There is a lot of money involved, and those who own the l

If you want an add to appear on your page take ownership of it. Host it as an image file on your own website that you control and you are responsible for.

Anything else, we intend to find ways to block it, because we have learned the hard way that you cannot trust advertisers to not infect your system with malware (not always intentionally, but lets face it, that's a big source of failure).

thing is, the advertisers will never do that - simply because their business model relies on tracking impressions and so forth. Hence they have to serve the ads on their own web platforms.

This is the main reason I block ads - the page I'm viewing usually hangs while its contacting the ad (he, one of the many ad) platforms to return some cookie-harvesting ad monster with all kinds of analytics processed on the back end.

Get rid of that and they have nothing to offer, and as long as there is any comms to the a

This. We may find that the current online advertising model is like the Soviet revolution. If the hosting site and the ad scripts start working in concert, it might be like a crackdown by hardliners. Unlike a totalitarian regime, migration from your site is usually not that difficult. You'll lose the users. Maybe then commercial sites will realize that they have to go back to something more like the old print media model. You couldn't just blindly turn over newspaper pages to 3rd parties. Advertisers had to trust things like circulation figures and demographics. It was a far less sophisticated analytic. Publishers will have to be trustworthy enough for advertisers to trust *publisher* analytics. If the New York Times really wanted to be innovative, they are the kind of company that could do this. That, along with getting rid of user registration would really shake up the industry. I think it'd be a clear winner as long as the publisher didn't do the same kind of scripted nasties that ad networks currently do.

Wouldn't you love to be able to browse a high quality site, knowing that the ads aren't going to ass-rape your system? Aside from that, wouldn't it be nice to look at page archives 30 years from now and see period ads. You can look at magazines from 100 years ago and get insights into the culture, and develop an appreciation for the history of strong brands like Coca Cola, or oddities like patent medicines with radium in them. Future historians will look at the last 20 years as if the tape of our commercial activities had been erased.

Future historians will look at the last 20 years as if the tape of our commercial activities had been erased.

Perhaps they'll just write that it was a time when capitalism had gone completely crazy -- a time when 99.9% of e-mails were spam, where over 1/3rd of television was advertising, where half of the content of a website was advertisement, where thousands of tons of printed advertisements were moved from mailboxes to dumpsters, and where retailers invaded our privacy with in-store tracking tools and built robots to determine our sex, race, and likely socioeconomic status in realtime, and then displayed differe

I own my computer. I've been convincing every of my friends and family members to adopt a zero tolerance policy toward internet advertizing, partly as it's a huge security risk as seen in all recent stories about malware delivered with ads, and partly to opt out of "big data" collector activities.

Advertizers don't get it. My computer runs what I want it to, not what THEY want it to. They may make polite requests to display things, or to run things, which I can either say yes or no to.

The internet existed for decades before advertizers discovered it, and it'll be just fine - better even! - after they depart. Maybe we'll go back to its roots of crowdsourced content, rather than "big corporate content".

If so many ads weren't obnoxious flash or javascript and simply a hyperlinked picture/text, then I wouldn't feel compelled to block them. But these so-called ads are largely intrusive and annoying and make the web browsing experience suck. Just like email and spam that have tracking linked images in them that I choose to automatically round file instead of at least checking out the content. Make the experience pleasant and controllable by me and I'll play along; otherwise, I take control with tools like adblock.

You don't get it. We don't trust you to verify the integrity of the software you are trying to force on us. I don't really care that you would prefer to have delivered it yourself, I care that it's malware. And I don't want it.

If your site requires that I have malware installed on my computer to use it, then your site, and the company attached to it, can just drop dead.

The people that are using ad-blockers are stating "I am annoyed by adds". These people seem to think it is a good idea to show the people that have flagged themselves as getting annoyed by ads more ads. That seems really really dumb.

These people should be careful what they wish for. There are many, many sites out there for people to browse on. Annoy a "customer" to much and it is very easy for them to go elsewhere.

Maybe the current crop of adblockers don't download the ads and can be monitored using JavaShit but eventually one will be created that downloads the ads but simply leaves that section of the screen blank. These days most ads are recognised by URL and that URL is usually hosted on a different server to the site itself. Future adblockers could use a thunderbird anti-spam type algorithm to visually recognise ads and match them with a database of things that people reported as ads

The race is winnable alright. Even if the end result would be the demise of "free sites" who get rich off the ads or the more recent trends of sites not getting very rich of the ads but hoping for acquisition by some supermassive company who will plaster the said site with ads until all users leave.

I am sure its because ad-blocking software is reporting your every move and building a psychological profile on you, that eventually finds its way into the hands of the government, a government, potentially many governments, terrorists, or whoever manages to hack whoever has the list that day.

what ethical issues are there with ad-blocking software that outweigh the ethical issues behind current advertising?

AdBlock and similar tools might be defeated, but nothing can defeat me not visiting the site again if the ads are too annoying. I'll put up with some tasteful ads, but too many annoyances and I just will block the site entirely.

If people are blocking your ads, it's probably because they're not interested in seeing the god damn ads. Sneaking past the ad blocker won't result in me going "gee, you got me, I'll be good and click on your ad now." More likely it will piss me off to the point where I stop visiting your site.

Stupid marketers and their "arms race" mentality was what resulted in people developing and using adblock and noscript in the first place. "What do you mean people still aren't clicking on our ads? It's got a dancing monkey with a flashing background and it occupies half the browser window! Fine, we'll make it play music too, and pop up fifty windows... maybe THEN they'll realize the error of their ways and click on it."

Yeah, it's really simple guys: the best anti-adblock is making ads that people actually want to see. At worst, if you can't do that, at least don't make them obnoxious, intrusive, or any other such thing. Also, making good content and making people want to support you is a good way of getting them to turn off adblock.

This is a technical "solution" to a non-technical problem. It will never work.

AdBlock is something I've started installing for friends and family more as a way to block malware, than as a way to block ads outright. Poisoned ads (malvertising) account for a lot of malware installs. Just Google for iTunes or Firefox and the top ad results are malware infected installers.

Besides the incredible annoyance of ads in the slow downs they cause, they're also a dangerous pathway to malware and viruses. Common methods like embedding an iframe into a page that loads a script that targets a browser exploit to install something nasty (drive-by downloads), oneclick exploits, baiting users to download things, etc.

I'd warrant (but don't have the statistics to back me up) that the typical ad-block user would be less prone to click on ads if forced to see them than a typical surfer. I don't see why these crybaby advertisers are so desperate to reach a market that would have low click-through rates. The advertisers win by not needing the extra bandwidth necessary to serve up ads to people that wouldn't click on them anyways.

Several times, in several different ways I found the question asked... is it ethical to block ad's. My response: You are asking the wrong question: Is it ethical to track me without my permission? Is it ethical in inject mal-ware into my system? Is it ethical to not allow me access to information you claim is about me? Is it ethical to make money on my actions -- without a reward for me?

Any site that I use more than once a week, I add to the AdBlock whitelist. However! If I get an annoying ad on that site, it goes back to the blacklist, for at least a month or two. Basically, until the guilt starts creeping in that I'm using their service without paying for it. If you want to remain on the whitelist, and get my page impressions, then don't use shady advertisers that use self-expanding ads, auto-play ads, and especially flashing or noisy ads.

Would this company, who buys into a service to force their ads onto my computer, actually think that there is any way in hell that I would buy anything from them?

Welcome to the hostfile mutha'

The thing they refuse to get is that many of us, myself included, don't mind seeing a few ads. But multiple ads with motion, or one of my real pet peeves, like an almost full page floating around abomination from teh likes of Yahoo, are just too much. And with pushing ads from unknown outfits, that often carry malware, sorry, your webpage isn't all that necessary for me to view.

A month or so ago, I did some experiments, turned off all the scripts with no script. Went to a few sites - I forget which right now, but it was something like the New York times. Of course the page didn't load correctly. So I turned off all the scripts. Still didn't show up. Ther ewere more scripts that wanted run. Did this many 5 times before the site showed. There were 20 plus something scripts running, almost all of them tracking scripts. One fonting script.

Between forcing ads on us, and tracking scripts, all I have ot say is no thanks - I need to see your site less than you need me to see it.

Welcome to my hostile, NYT. And other sites that insist on being a pain in the backside.

Flash ads that play sound really loudly and/or move across the screen don't annoy you? How about the current trend of pop over javascript windows that wait 10 seconds or so for you to start reading, and then fade the page as they pop up, forcing you to click them closed? Those are fucking aggravating, and a lot of sites do that now. The passive 'just don't visit that site' tactic doesn't actually solve the problem. There has to be a way to push back. ad blockers allow this.

Except you're on *their* site which costs *them* money to run. As much as I hate ads too, I have to admit the reality of the situation. As long as we have money and everything has a cost, nothing will be "free" completely.

So yes, you paid for all of your equipment. But you haven't paid anything to view the content if you block ads. Why do you have absolute right to view it without some kind of compensation to the owner for their costs?

So yes, you paid for all of your equipment. But you haven't paid anything to view the content if you block ads. Why do you have absolute right to view it without some kind of compensation to the owner for their costs?

Ad revenue is minimally moral because it uses you as a product, not as a human who makes decisions. Why does the site owner have a right to treat the visitor as a fuel for his profit-generating machine?

If the site cannot be free (such as being ran as a service to the Internet) then it shou